On Mon, Sep 03, 2012 at 10:28:06AM +0200, Helga Mayer wrote:
[...]
> >user name jhondoe
> >password 12345678
> >
> >but when user authenticate 12345678__-- authenticate again.
> >
> >but when users enter a12345678 can't authenticate
> The first 8 characters matter. This looks like a problem of the
On Tue, Aug 28, 2012 at 04:33:16PM -0400, Jon A. wrote:
> I'd like to immediately reject mail for all destinations with ONLY a
> fakemx.net record. While I could block these as I find them, I'd prefer to
> detect it if possible.
> One such:
>
> hitmail.com mail is handled by 0 mx.fakemx.net.
I a
Hi All,
I'd like to use MySQL table to block some of the peer MTAs based on their IP
addresses by storing IP pools ('from' and 'to' addresses as unsigned integers,
using MySQL's INET_ATON() function) in MySQL as blocked IP ranges.
However I found a little problem in my solution:
As access table
On Tue, Jan 31, 2012 at 09:44:22PM -0600, /dev/rob0 wrote:
> On Tue, Jan 31, 2012 at 08:54:33PM -0600, Noel Jones wrote:
> > On 1/31/2012 8:30 PM, l...@airstreamcomm.net wrote:
> > > What we were thinking was using RBLs to dynamically block known
> > > malicious IPs before allowing SMTP Auth to oc
Hi,
First of all, I know sending NDRs is not a great idea. I do sender/rcpt
checking, and so on, but still there are some cases when NDRs are generated
or sent (for example: customer's own mail server which generates NDR - I
have no control over it - and I have outgoing relay service for customers
On Fri, Dec 30, 2011 at 09:27:08AM -0500, Wietse Venema wrote:
> > This is easily done with Postfix virtual_alias_maps (NOT:
> > virtual_alias_domains).
> >
> > If the user wants a local copy:
> >
> > Search string Lookup result
> > u...@example.com -> u...@example.com, xxx@yyy.exam
On Fri, Dec 30, 2011 at 03:01:03PM +0100, Jeroen Geilman wrote:
> >The key of my idea: I don't even bother mail store server even if I am able
> >to. The reason: why I have to give load to the mail store server to pass
> >mails there which will be forwarded then back, if I can do the forward step
On Fri, Dec 30, 2011 at 08:12:59AM -0500, Jerry wrote:
> On Fri, 30 Dec 2011 14:01:52 +0100
> Gábor Lénárt articulated:
>
> > I have a "mail store server" which is's not an open source software
> > and I can't modify its internals (neither it supports the
Hi,
I have a "mail store server" which is's not an open source software and I
can't modify its internals (neither it supports the feature I have to
implement). However there is the project now that every mail user can set
forward address (or even addresses - it's possible to give more forward
add
On Thu, Dec 15, 2011 at 09:35:19AM -0600, /dev/rob0 wrote:
> > I am thinking to use postscreen with mail submission server as
> > well since its rbl check seems to be better in performance than
> > using smtpd's one.
>
> The difference is in how it is done. smtpd checks each DNSBL in
> sequence,
On Thu, Dec 15, 2011 at 08:19:18AM -0600, /dev/rob0 wrote:
> On Thursday 15 December 2011 07:53:35 Tomas Macek wrote:
> > I'd like to use postcreen as some kind of spam protection.
> > According to documentation
> >
> > * postscreen(8) should not be used on SMTP ports that receive mail
> > from en
On Fri, Jul 08, 2011 at 11:42:51PM +0200, Ansgar Wiechers wrote:
> is perfectly fine. And unless you have rather strict security
> requirements (in which case your ruleset would allow far less protocols
> to begin with), you can simply accept everything in the OUTPUT chain:
>
> iptables -P OUTPU
On Fri, Apr 29, 2011 at 11:12:43AM +0200, Jeroen Geilman wrote:
> >Received: perfectly normal things
> > can be seen here
> > because it's already our system
> >Received: from [109.91.80.133] (HELO VKYNBXL)
> > by moln-51ca578dee (8.14.3/8.14.3) with SMTP id 39875026 for
> > dma...@
Hi,
Recently I noticed that I have mails with mail headers like this:
Received: perfectly normal things
can be seen here
because it's already our system
Received: from [109.91.80.133] (HELO VKYNBXL)
by moln-51ca578dee (8.14.3/8.14.3) with SMTP id 39875026 for
dma...@xx.xx; Thu
On Thu, Apr 28, 2011 at 11:26:03AM +0200, Reindl Harald wrote:
>
> Am 28.04.2011 10:58, schrieb Gábor Lénárt:
> > Hi All,
> >
> > I've just noticed that some domains have MX records like this:
> >
> > example.com.IN MX 10 mail.
> >
>
Hi All,
I've just noticed that some domains have MX records like this:
example.com.IN MX 10 mail.
The problem: I have "search ourowndomain.tld" in /etc/resolv.conf. This
causes that postfix tries to look up mail.ourowndomain.tld as well when
someone tries to send email to domain example.com
On Fri, Apr 08, 2011 at 01:52:29PM +0200, Reindl Harald wrote:
> > I don't think it's a good idea, it's part of the standard. We have smaller
> > (legitime) mail servers receiving mails having only A record. Why would I
> > need MX record, if A is ok for me? I only set up MX records when it's
> >
On Fri, Apr 08, 2011 at 05:05:45PM +0530, kshitij mali wrote:
> HI All
>
>
> Postfix will try to deliver email based on A record suppose the mx record is
> missing , so how to diable this .
>
> I mean to say postfix should send email based on MX record only and if mx
> record not bound then imme
On Thu, Apr 07, 2011 at 02:40:09PM -0400, Victor Duchovni wrote:
> On Thu, Apr 07, 2011 at 08:27:01PM +0200, G?bor L?n?rt wrote:
>
> > I don't want to check if rcpt domain is mine (I have no "own" domains on
> > this MTA). I want to accept everything if sender is authenticated, since
> > it's a m
On Thu, Apr 07, 2011 at 12:42:49PM -0500, Noel Jones wrote:
> On 4/7/2011 11:00 AM, Gábor Lénárt wrote:
> >On Thu, Apr 07, 2011 at 10:40:28AM -0500, Noel Jones wrote:
> >[...]
> >>Use instead:
> >>smtpd_recipient_restrictions =
> >> permit_sasl_authenti
On Thu, Apr 07, 2011 at 12:56:41PM -0400, Victor Duchovni wrote:
> On Thu, Apr 07, 2011 at 06:42:22PM +0200, G?bor L?n?rt wrote:
>
> > On Thu, Apr 07, 2011 at 12:20:51PM -0400, Victor Duchovni wrote:
> > > On Thu, Apr 07, 2011 at 05:57:24PM +0200, G?bor L?n?rt wrote:
> > >
> > > > > Instead, Post
On Thu, Apr 07, 2011 at 12:20:51PM -0400, Victor Duchovni wrote:
> On Thu, Apr 07, 2011 at 05:57:24PM +0200, G?bor L?n?rt wrote:
>
> > > Instead, Postfix requires that you have one or more of (reject,
> > > reject_unauth_destination, etc.) SOMEWHERE in
> > > sender_recipient_restrictions.
> >
> >
On Thu, Apr 07, 2011 at 10:40:28AM -0500, Noel Jones wrote:
[...]
> Use instead:
> smtpd_recipient_restrictions =
> permit_sasl_authenticated,
> reject
>
> The overhead is negligible -- just check an internal status flag,
> about the same as your fake table lookup -- and may save you from an
>
On Thu, Apr 07, 2011 at 11:43:55AM -0400, Wietse Venema wrote:
> G�bor L�n�rt:
> > Hi,
> >
> > I have the idea to simply put "permit" at the end of
> > smtpd_recipient_restrictions. No, I don't want open relay :) but I do all
> > the checks to make it secure in sender_recipient_restrictions. Postf
Hi,
I have the idea to simply put "permit" at the end of
smtpd_recipient_restrictions. No, I don't want open relay :) but I do all
the checks to make it secure in sender_recipient_restrictions. Postfix
nicely wants to change my mind about this idea. So my question that:
is it safe to do what I wan
Hi,
I have a mail submit server for our users. What I would like is checking
sender and rcpt addresses if they belong to the domains at least which are
handled by us (of course I can't check if mail is sent to another domain
where I don't know the valid addresses, and I don't want to do SAV).
I h
On Thu, Mar 31, 2011 at 07:51:43PM +0200, Ralf Hildebrandt wrote:
> > Are there any suggestions on how to tune postfix to limit the spam
> > throughput?
> > There are also legitimate users who have bulk email to send, so
> > limiting by recipient quantity (as we do on our webmail) wouldn't be
> > d
Hi,
I've tried to utilize google a bit to find some similar problems, but I had
no success, so I am trying here now.
I have some (quite old ... I know) MTAs running postfix:
2.5.4 on Solaris 10 (sparc)
2.5.1 on Ubuntu Linux 8.04.4 LTS (32 bit x86)
2.5.4 on Solaris 9 (sparc)
Most of the time, no
On Fri, Feb 25, 2011 at 03:08:51PM +0100, lst_ho...@kwsoft.de wrote:
[...]
> >Is there any reason they can't do this:
> >
> >Postfix "job" script:
> >
> > pre-start exec postfix start
> > post-stop exec postfix stop
> >
> >With this, the system will do the work for them, and everythin
On Mon, Nov 29, 2010 at 08:53:43AM +0100, Mauro wrote:
> On 29 November 2010 01:56, Victor Duchovni
> wrote:
> > On Sun, Nov 28, 2010 at 01:36:12PM -0700, ghe wrote:
> >
> >>> I run postfix and my mail clients use smtps so I was thinking I may as
> >>> well close port 25. How can I do that?
> >>
On Fri, Aug 20, 2010 at 03:39:48AM -0500, Stan Hoeppner wrote:
> Robert Fournerat put forth on 8/19/2010 4:46 PM:
> > Quoting Noel Jones :
> >
> >> Same here. reject_unknown_client_hostname is too strict, but
> >> reject_unknown_reverse_client_hostname rejects lots of obvious spambots
> >> withou
On Tue, Apr 13, 2010 at 08:49:42PM -0700, John Schmitt wrote:
> > > Out: 220 mymachine.mydomain.net ESMTP Postfix
> > > In: HELO mymachine
> > > Out: 250 mymachine.mydomain.net
> > > In: MAIL FROM:<>
> > > Out: 250 2.1.0 Ok
> > > In: RCPT TO:<"???B?\" >
> > > Out: 501 5.1.3 Bad recipient
On Wed, Apr 07, 2010 at 07:52:56PM +1000, Jim Smith wrote:
[...]
> How can I make it so that Subject: =?utf-8?B?UX. is displayed correctly
> in it's native language? (in this case it's Chinese but it could be another
> language)
As far as I know such a transformation is the job of a MUA for ex
On Mon, Mar 22, 2010 at 02:36:21PM +0200, Dudi Goldenberg wrote:
> >250-mail.iamghost.com
> >250-PIPELINING
> >250-SIZE 1024
> >250-VRFY
> >250-ETRN
> >250-XXXA
> >250-AUTH PLAIN LOGIN
> >250-AUTH=PLAIN LOGIN
> >250-ENHANCEDSTATUSCODES
> >250-8BITMIME
> >250 DSN
>
> My guess is that you ha
On Fri, Jul 03, 2009 at 10:58:34PM +1000, Barney Desmond wrote:
> > I think, protocol itself is just the communication between MTAs (it does not
> > store anything itself, MTAs which uses the SMTP can/must store things while
> > using SMTP to communicate with other MTAs).As proxy level firewalls ha
On Fri, Jul 03, 2009 at 02:30:10PM +0200, Jozsef Kadlecsik wrote:
> > > This is all very standard behaviour for an MTA. Recipient checking is
> > > a very common task for most Postfix users. Regardless of what you
> > > expect or want, SMTP is a store-and-forward protocol - queues are a
> > > stron
On Fri, Jul 03, 2009 at 09:55:40PM +1000, Barney Desmond wrote:
> > Recently I am thinking of reimplementing our MX servers. Of course rcpt
> > check is a must, also I should not generate NDRs later, I should only accept
>
>
> This is all very standard behaviour for an MTA. Recipient checking is
Hei,
Recently I am thinking of reimplementing our MX servers. Of course rcpt
check is a must, also I should not generate NDRs later, I should only accept
mails from outside which won't cause bounce on the mail store MTA later. My
problem: there are some conditions cannot be forecasted easily, I ca
Hei,
On Wed, Jun 10, 2009 at 09:29:06AM +0200, Ralf Hildebrandt wrote:
> > I'm looking for a tool that can handle confirmation emails with
> > captcha and that works with postfix.
> >
> > The idea is, when somebody sends me an email and this address have
> > never sent me any other mail, automati
Hei,
I'm about implementing mail infrastructure for receiving mails from the
outside ("MX servers", they will run postfix). But now I have a question
which more or less a generic one. I would like to minimalize the amount of
information needed for a DNS zone to set up mail receiving through thes
On Wed, Jan 21, 2009 at 12:38:28PM -0600, Noel Jones wrote:
[...]
> Also sounds as if you don't have a valid recipient list for these
> customers. Not OK. Your queue is likely filled with lots of
> undeliverable mail to unknown recipients, and undeliverable bounces to
> bogus senders, plus you
On Wed, Jan 21, 2009 at 01:49:35PM -0500, Victor Duchovni wrote:
[...]
> Sorry, without an enhanced status code after the 450, you really don't
> have anything to work with. The most plausible feature in this space is
> "selective soft_bounce" where some, but not all, enhanced status codes
> are do
Hei,
I have a got a stupid problem. We have some customers saying they can't and
don't want to reconfigure their mail servers even if Planet-X hits Earth and
that would help to avoid it :) And their MTAs always responds with:
450 : Recipient address rejected: User
unknown in local recipient ta
Hi,
On Thu, Oct 02, 2008 at 12:15:43PM +0400, Алексей Доморадов wrote:
> > css2.ndcorp.com is not delegated, but ndcorp.com is:
> I think css2.ndcorp.com it's a host, not subdomain
And? It does not matter. Postfix like any other MTA does A and MX record
lookup from DNS, it does not care about wh
44 matches
Mail list logo
